[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Jun 5 21:44:23 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9cd4d5a7 by Salvatore Bonaccorso at 2023-06-05T22:43:51+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
CVE-2023-3109 (Cross-site Scripting (XSS) - Stored in GitHub repository admidio/admid ...)
- TODO: check
+ NOT-FOR-US: admidio
CVE-2023-3066 (Incorrect Authorization vulnerability in Mobatime mobile application A ...)
- TODO: check
+ NOT-FOR-US: Mobatime mobile application
CVE-2023-3065 (Improper Authentication vulnerability in Mobatime mobile application A ...)
- TODO: check
+ NOT-FOR-US: Mobatime mobile application
CVE-2023-3064 (Anonymous user may get the list of existing users managed by the appli ...)
- TODO: check
+ NOT-FOR-US: Mobatime mobile application
CVE-2023-34097 (hoppscotch is an open source API development ecosystem. In versions pr ...)
TODO: check
CVE-2023-33970 (Kanboard is open source project management software that focuses on th ...)
@@ -27,19 +27,19 @@ CVE-2023-33956 (Kanboard is open source project management software that focuses
CVE-2023-33733 (Reportlab up to v3.6.12 allows attackers to execute arbitrary code via ...)
TODO: check
CVE-2023-33693 (A buffer overflow in EasyPlayerPro-Win v3.2.19.0106 to v3.6.19.0823 al ...)
- TODO: check
+ NOT-FOR-US: EasyPlayerPro-Win
CVE-2023-33690 (SonicJS up to v0.7.0 allows attackers to execute an authenticated path ...)
- TODO: check
+ NOT-FOR-US: SonicJS
CVE-2023-33524 (Advent/SSC Inc. Tamale RMS < 23.1 is vulnerable to Directory Traversal ...)
- TODO: check
+ NOT-FOR-US: Advent/SSC Inc. Tamale RMS
CVE-2023-33518 (emoncms v11 and later was discovered to contain an information disclos ...)
- TODO: check
+ NOT-FOR-US: emoncms
CVE-2023-33386 (MarsCTF 1.2.1 has an arbitrary file upload vulnerability in the interf ...)
- TODO: check
+ NOT-FOR-US: MarsCTF
CVE-2023-32766 (Gitpod before 2022.11.3 allows XSS because redirection can occur for s ...)
TODO: check
CVE-2023-31893 (Telefnica Brasil Vivo Play (IPTV) Firmware: 2023.04.04.01.06.15 is vul ...)
- TODO: check
+ NOT-FOR-US: Telefnica Brasil Vivo Play (IPTV) Firmware
CVE-2023-2634 (The Get your number WordPress plugin through 1.1.3 does not sanitise a ...)
NOT-FOR-US: WordPress plugin
CVE-2023-2572 (The Survey Maker WordPress plugin before 3.4.7 does not escape some pa ...)
@@ -59,11 +59,11 @@ CVE-2023-2337 (The ConvertKit WordPress plugin before 2.2.1 does not escape a pa
CVE-2022-4946 (The Frontend Post WordPress Plugin WordPress plugin through 2.8.4 does ...)
NOT-FOR-US: WordPress plugin
CVE-2015-10115 (A vulnerability, which was classified as problematic, was found in Woo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2015-10114 (A vulnerability, which was classified as problematic, has been found i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2015-10113 (A vulnerability classified as problematic was found in WooFramework Tw ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-3100 (A vulnerability, which was classified as critical, has been found in I ...)
TODO: check
CVE-2023-3099 (A vulnerability classified as critical was found in KylinSoft youker-a ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9cd4d5a73093d92221ad687a8c3ebbdd0f5e9cfc
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9cd4d5a73093d92221ad687a8c3ebbdd0f5e9cfc
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230605/71d16c78/attachment.htm>
More information about the debian-security-tracker-commits
mailing list